summaryrefslogtreecommitdiffstats
path: root/caps/nsIAddonPolicyService.idl
blob: de218ff70c59133acd4a59217814ec9f0d458d61 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "nsISupports.idl"
#include "nsIURI.idl"

/**
 * This interface allows the security manager to query custom per-addon security
 * policy.
 */
[scriptable, uuid(8a034ef9-9d14-4c5d-8319-06c1ab574baa)]
interface nsIAddonPolicyService : nsISupports
{
  /**
   * Returns the default content security policy which applies to extension
   * documents which do not specify any custom policies.
   */
  readonly attribute AString defaultCSP;

  /**
   * Same as above, but used for extensions using manifest v3.
   */
  readonly attribute AString defaultCSPV3;

  /**
   * Returns the base content security policy which applies to all extension resources.
   */
  AString getBaseCSP(in AString aAddonId);

  /**
   * Returns the content security policy which applies to documents belonging
   * to the extension with the given ID. This may be either a custom policy,
   * if one was supplied, or the default policy if one was not.
   */
  AString getExtensionPageCSP(in AString aAddonId);

  /**
   * Returns the generated background page as a data-URI, if any. If the addon
   * does not have an auto-generated background page, an empty string is
   * returned.
   */
  ACString getGeneratedBackgroundPageUrl(in ACString aAddonId);

  /**
   * Returns true if the addon was granted the |aPerm| API permission.
   */
  boolean addonHasPermission(in AString aAddonId, in AString aPerm);

  /**
   * Returns true if unprivileged code associated with the given addon may load
   * data from |aURI|.  If |aExplicit| is true, the <all_urls> permission and
   * permissive host globs are ignored when checking for a match.
   */
  boolean addonMayLoadURI(in AString aAddonId, in nsIURI aURI, [optional] in boolean aExplicit);

  /**
   * Returns the name of the WebExtension with the given ID, or the ID string
   * if no matching add-on can be found.
   */
  AString getExtensionName(in AString aAddonId);

  /**
   * Returns true if a given extension:// URI is web-accessible and loadable by the source.
   * This should be called if the protocol flags for the extension URI has URI_WEB_ACCESSIBLE.
   */
  boolean sourceMayLoadExtensionURI(in nsIURI aSourceURI, in nsIURI aExtensionURI);

  /**
   * Maps an extension URI to the ID of the addon it belongs to.
   */
  AString extensionURIToAddonId(in nsIURI aURI);
};

/**
 * This interface exposes functionality related to add-on content policy
 * enforcement.
 */
[scriptable, uuid(7a4fe60b-9131-45f5-83f3-dc63b5d71a5d)]
interface nsIAddonContentPolicy : nsISupports
{
  /* options to pass to validateAddonCSP
   *
   * Manifest V2 uses CSP_ALLOW_ANY.
   * In Manifest V3, extension_pages would use CSP_ALLOW_WASM
   * and sandbox would use CSP_ALLOW_EVAL.
   */
  const unsigned long CSP_ALLOW_ANY = 0xFFFF;
  const unsigned long CSP_ALLOW_LOCALHOST = (1<<0);
  const unsigned long CSP_ALLOW_EVAL = (1<<1);
  const unsigned long CSP_ALLOW_REMOTE = (1<<2);
  const unsigned long CSP_ALLOW_WASM = (1<<3);

  /**
   * Checks a custom content security policy string, to ensure that it meets
   * minimum security requirements. Returns null for valid policies, or a
   * string describing the error for invalid policies.
   */
  AString validateAddonCSP(in AString aPolicyString, in unsigned long aPermittedPolicy);
};